802.11a Relay - How To Build the PoE Adapter

First add straight-thru leads for the ethernet signal between the two connectors as shown. Then, cut the plugpack lead, and solder it to some solid core ethernet cable strands. We used cat-5 wiring standard T-568B for our adapter.

The white stripe on the plugpack wire goes to 4-5 (blue/bluewhite) and the totally black lead goes to 7-8 (brown-brownwhite). Then feed those strands into a double ethernet jack box. Punch those strands down as color coded on the block and you're done!

According to this poe calculator at 100ft it should still
get 12.5 even at the full 1 Amp (probably more than the AP draws).

DO NOT PLUG IN A STANDARD POE ADAPTER. Although the AP supports power on its ethernet port, close reading of the Proxim Harmony Power System manual, which also contains the PoE pinouts, suggests that Proxim was using 24V rather than the 48V which was later adopted as standard. Maybe someone can review the parts on the board and provide a definitive answer?

802.11a Relay - How To Build the AP End of the Relay

One end of the AP uses an unmodified Proxim Harmony AP. Unmodified as in - you could return this under warranty. Accordingly, this is the simple end of the relay. The parts you need for this end are:

• Proxim Harmony AP
• double ethernet jack for PoE
• SMA to N-Female Adapter
• N-Male to N-Male Cable
• 5.x GHz panel antenna
• outdoor case
• misc hardware: wires, U bolt/threaded rod, nuts etc.

Putting everything in the case is a fun part. There's a few non-obvious details however. By taking some simple signal strength measurements, we found that the antenna connector furthest from the ethernet jack is the 'primary' antenna, so be sure to use that. Also, sometimes the AP won't boot if the other antenna is left disconnected. Sure enough, the manual even says this on page 44: For Model 8571, you must use two antennas. This was inconsistent - sometimes it would boot and not others, so we left the 2nd antenna connected.

We decided to use an SMA to N-Female adapter because we're standardizing all our radios to have N-Female connectors so our antenna cables can all be identical. However you could instead buy a custom cable to suit. Note that this is an SMA connector, not the Reverse Polarity SMA (RP-SMA) connector that many 802.11b/g Access Points use.

Connecting and mounting the antenna is simple enough. Note there's no up/downtilt on this antenna mount. You can fudge this by jamming something appropriate at the top or bottom fitting to tilt up or down as needed.

The final piece of the puzzle is to create a PoE adapter. The Proxim already has internal support to take up to 24V power from the ethernet cable, so we just need an 'injector' to add the power to the ethernet cable. I.e., this is half of the PoE project. We measured the voltage from the supplied plug pack at 13.7VDC under load which was far enough above the manual's specified 12VDC input that we thought we could use the standard plugpack. Our first installation is running succesfully at 105 feet, so it seems to work in practice ok.

Configure Pebble SNMP

Pebble does not come with SNMP installed. Fortunately there is a contribution that makes it available.

Here is how we installed SNMP on a Pebble that was already in operation (always a scary thing to do!).

Get the avcNetSNMPv3-0.0.2.tar.gz file onto the pebble box. We used the scp that was built into the ssh client I was using. By default it will end up in the /root directory. The untar it and install it as follows:

tar -xvzf avcNetSNMPv3-0.0.2.tar.gz
remountrw
cp init.d/snmpd /etc/init.d
chmod +x /etc/init.d/snmpd
mkdir /ro/etc/snmp 
cp ro/etc/snmp/snmpd.conf /ro/etc/snmp
mkdir /ro/var/net-snmp
cp ro/var/net-snmp/snmpd.conf /ro/var/net-snmp/
cp sbin/snmpd /sbin
chmod +x /sbin/snmpd 
mkdir /etc/snmp                                   
ln -s /rw/etc/snmp/snmpd.conf /etc/snmp/snmpd.conf
mkdir /var/net-snmp/
ln -s /rw/var/net-snmp/snmpd.conf /var/net-snmp/snmpd.conf

If you think you got it all correct, you can then issue a fastreboot command to restart your machine.

Now that its installed, you can test it. Do this with:

/etc/init.d/snmpd start
cat /var/log/snmpd.log

You may see some errors about renaming files. These should go away after the next reboot.

Once you're satisfied its working correctly, you can now set it up to automatically start when Pebble boots. This can be done as follows:

cd /etc/rc0.d
ln -s ../init.d/snmpd K20snmpd
cd /etc/rc1.d
ln -s ../init.d/snmpd K20snmpd
cd /etc/rc2.d
ln -s ../init.d/snmpd S20snmpd
cd /etc/rc3.d
ln -s ../init.d/snmpd S20snmpd
cd /etc/rc4.d
ln -s ../init.d/snmpd S20snmpd
cd /etc/rc5.d
ln -s ../init.d/snmpd S20snmpd
cd /etc/rc6.d
ln -s ../init.d/snmpd K20snmpd

Now if you do a fastreboot you should find snmpd running succesfully.

Now you're ready to fire up your favourite snmp client and start generating pretty graphs.

802.11a Relay - Build Bridge End of Relay

The bridge end of the relay takes the feed from the 802.11a AP end and routes it for use locally (e.g. to feed an 802.11b Access Point). We used a Proxim card and antenna lead taken from a Proxim 8571 AP. Software is NYCWireless's Pebble distribution.

(Yes, we'll expand on this page!)

802.11a Relay - Configure Soekris and Pebble

We decided to use Pebble for the client end of the relay - in part because it was the only distro we tried that would recognise the Atheros-based radio card.

First you'll need a compact flash with pebble. For this you'll need a Linux system and a CF adapter that works with it (we used the 'test' release of Debian's Sarge version). Then follow the instructions in the pebble readme. If you follow the directions it works great. This is not trivial for a Linux newcomer, so get help if need be.

Now plug your Soekris into a serial port, run a suitable terminal program (like Tera Term) set it to 19200 baud and fire it up. Iinterrupt the boot sequence within 5 secs with Ctrl-P and then enter the following commands:

set conspeed 9600
set pxeboot disabled
set bootdelay 2

The console speed is set to match the default pebble console speed. Disabling PXE boot seems like a good idea. And the minimum 2 seconds boot delay shaves 3 seconds off the boot time.

Now power off the Soekris, plug the flash card into it and power up again, or type 'reboot' if you already have the card installed. Change your terminal program speed to 9600 and (hopefully) watch the pebble boot sequence unfold. Now we're ready to configure Pebble.

What we're trying to achieve is:

• 802.11a radio is a client to the remote AP. Thus it will need an address on the 10.0.0.x subnet. We chose arbitrarily chose 10.0.0.129. The AP at the other end of the link is at 10.0.0.128/24 with MAC address of 00:20:a6:47:f9:77.
• We will specify the MAC address of our AP to the client rather than just the SSID for no particular reason other than slight paranoi and to avoid future confusion if we have more APs with the same SSID that it might erroneously connect with.
• On the eth0 interface we want to provide dhcp services at 10.0.3.x and this will be the gateway port at 10.0.3.1.
• We wanted DNS caching/forwarding both to simplify config (it makes the gateway and DNS servers the same which is easier to tell people over the phone if need be) and reduce traffic and load on the central DNS forwarder.
• We do not need nocat for this scenario (we have a captive portal already)

With the above in mind, let's get things set up! Log in to pebble via the serial port (using 'root' and the password you specified when building pebble). Then issue the command:

/usr/local/sbin/remountrw

so that your changes can be saved. Now edit the /etc/network/interfaces file. (I used 'vi /etc/network/interfaces'). Comment out or remove what's there and add the following:

auto lo
iface lo inet loopback

iface ath0 inet static
        address 10.0.0.129
        netmask 255.255.255.0
        broadcast 10.0.0.255
        gateway 10.0.0.1
        up iwconfig ath0 ap 00:20:A6:47:F9:77
# alternatively use
#       up iwconfig ath0 mode managed essid socalfreenet.org 

auto eth0
iface eth0 inet static
        address 10.0.3.1
        netmask 255.255.255.0
        broadcast 10.0.3.255

This tells it that 'ath0', the radio card, will be at 10.0.0.129 on the 10.0.0.x (/24) subnet and its gateway is 10.0.0.1. The iwconfig line tells it to register with the AP specified by the mac address that follows. It then configures the eth0 port for a static IP of 10.0.3.1/24. Save the changes and exit the editor (Shift ZZ in vi).

Now the IPs are specific, but the atheros radio isn't started yet (type ifconfig at the prompt to confirm). Some magic is needed to get it going. At least it seemed like magic to me. I'm sure there's a simpler, more elegant and more correct way to do this, but this is what worked for me. We need to create a new file /etc/rcS.d/S99local and place in it:

#!/bin/sh
modprobe ath_pci
ifup --force -v ath0

Then issue the command:

chmod 777 /etc/rcS.d/S99local

This file will be executed at the appropriate place in the startup sequence and will start the radio card.

April 6 update: Another configuration we've started using is a Soekris 4511 with an 802.11a and 802.11b card. This becomes a combination AP and relay radio in one box. If you're using the miniPCI card, you need to add the following commands to the S99local file:

modprobe hostap_pci
ifup --force -v wlan0

Alternatively, if you use a Soekris 4521 and a PCMCIA 802.11b card as the 2nd card, then you can omit the modprobe hostap_pci line.

For our scenario we wanted to disable nocat. To do this, mount the CF read-write and edit /etc/inittab to comment out the last line where it is started. After editing it should read:

#NC:23:respawn:start-stop-daemon -S -c nocat --exec /usr/local/nocat/bin/gateway -- -F

We're not done yet, but this is a good point to restart and check your work so far. Type:

/usr/local/sbin/fastreboot

to save all the changes made so far to the compact flash and then reboot the Soekris. After logging in, the (trimmed) ifconfig command output will look something like this:

pebble:~# ifconfig
ath0      Link encap:Ethernet  HWaddr 00:20:A6:47:86:7A
          inet addr:10.0.0.129  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:633 errors:0 dropped:0 overruns:0 frame:0
          TX packets:30 errors:7 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:199
          RX bytes:46932 (45.8 KiB)  TX bytes:2062 (2.0 KiB)
          Interrupt:10 Memory:c4895000-c48a5000

eth0      Link encap:Ethernet  HWaddr 00:00:24:C1:8C:34
          inet addr:10.0.3.1  Bcast:10.0.3.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:120 (120.0 b)  TX bytes:0 (0.0 b)
          Interrupt:11 Base address:0x7000

and you should be able to ping the access point:

PING 10.0.0.128 (10.0.0.128): 56 data bytes
64 bytes from 10.0.0.128: icmp_seq=0 ttl=15 time=59.2 ms
64 bytes from 10.0.0.128: icmp_seq=1 ttl=15 time=1.7 ms

--- 10.0.0.128 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 1.7/30.4/59.2 ms

You may see some console output as the atheros card adjusts its rate due to errors:
ath_rate_ctl: 36M -> 24M (0 ok, 2 err, 2 retr). You can avoid this link retraining by specifying a link speed in the /etc/network/interfaces file.
So far, so good. You should now be able to log in using an ssh client on your network. This will be faster than using console, but either works.

Now we can get the machine running correct as a gateway on eth0. Again mount the CF read/write with:

/usr/local/sbin/remountrw

Now add the DNS servers by editing /etc/resolv.conf and replacing the servers listed with your own, e.g.:

nameserver 10.0.0.1
nameserver 64.81.45.2

Now we configure the DNS cache / forwarder. Enter the following commands:

echo 10.0.3.1 >/ro/var/dnscache/env/IP
touch /ro/var/dnscache/root/ip/10.0.3
ln -s /rw/var/dnscache/root/ip/10.0.3 /var/dnscache/root/ip/10.0.3
rm /ro/var/dnscache/root/ip/192.168.*

(Answer 'y' when prompted by rm.). These commands tell the DNS caching program, djbdns which interface to listen on (10.0.3.1) and to provide DNS service for the 10.0.3 subnet.

With the DNS servers configured, we can now setup the DHCP server to hand out DNS server addresses along with local IPs. Edit the file /etc/default/dhcp so it contains the single (non-commented) line:

INTERFACES="eth0"

which tells the DHCP server which interface to operate on. Next, edit the file /etc/dhcpd.conf so it has the ilnes:

option subnet-mask 255.255.255.0;
default-lease-time 600;
max-lease-time 7200;

subnet 10.0.3.0 netmask 255.255.255.0 {
  range 10.0.3.10 10.0.3.99;
  option routers 10.0.3.1;
  option broadcast-address 10.0.3.255;
  option domain-name-servers 10.0.3.1,10.0.0.1;
}

Here we've specified both 10.0.3.1 and the main DNS forwarder 10.0.0.1 both as possible DNS servers. Now save your changes and reboot again:

/usr/local/sbin/fastreboot

After the reboot is complete, you're ready to test your configuration.

Update: Mar 22 2004: It's handy to set the time after getting everything going. In our configuration where our gateway runs an ntp server, you can do this with

ntpdate -u 10.0.0.1
/sbin/hwclock --systohc

This makes the logs much easier to compare with other logs after updating.

Update for Metrix Boxes

Some quick notes now that we're using Metrix boxes for most of our a/b relay/AP installs (mostly for myself so I don't have to remember each time!). Note that Metrix has bind installed and not djbdns.

• set bootdelay 2
• edit /etc/network/interfaces
• edit /etc/default/dhcp to add the interfaces which will have a DHCP server running
• edit /etc/dhcpd.conf so it serves appropriate addresses
• edit /etc/bind/named.conf and uncomment the query-source line and add the forwarders. Also add the line "forward only", not to be confused with the perhaps pre-existing commented out line "forward-only".